smc_zkp_dl: make v an output parameter

crypto.c

@@ -616,13 +616,13 @@ smc_compute_outcome (struct AuctionData *ad)
  * smc_zkp_dl creates a proof of knowledge of @a x with \f$v = xg\f$ where
  * \f$g\f$ is the base point on Ed25519.
  *
- * @param[in] v input point. Must be known to the verifier.
+ * @param[out] v output point. Must be known to the verifier.
  * @param[in] x private key. Knowledge of this number is certified in the proof
  * @param[out] proof pointer where to save the output proof structure. Must be
  * shared with the verifier.
  */
 void
-smc_zkp_dl (const gcry_mpi_point_t v,
+smc_zkp_dl (gcry_mpi_point_t v,
             const gcry_mpi_t x,
             struct proof_dl  *proof)
 {
@@ -633,6 +633,9 @@ smc_zkp_dl (const gcry_mpi_point_t v,
 	gcry_mpi_t              c = gcry_mpi_new (0);
 	gcry_mpi_t              z = gcry_mpi_new (0);
 
+	/* v = xg */
+	gcry_mpi_ec_mul (v, x, ec_gen, ec_ctx);
+
 	/* a = zg */
 	ec_keypair_create (a, z);
 

crypto.h

@@ -84,7 +84,7 @@ struct proof_0og {
 	struct ec_mpi r2;
 };
 
-void smc_zkp_dl (const gcry_mpi_point_t v,
+void smc_zkp_dl (gcry_mpi_point_t v,
                  const gcry_mpi_t x,
                  struct proof_dl  *proof);
 int smc_zkp_dl_check (const gcry_mpi_point_t v,

test_crypto.c

@@ -106,8 +106,7 @@ test_smc_zkp_dl ()
 	gcry_mpi_t       x = gcry_mpi_new (0);
 	gcry_mpi_point_t v = gcry_mpi_point_new (0);
 
-	/* v = xg */
-	ec_keypair_create (v, x);
+	ec_skey_create (x);
 
 	smc_zkp_dl (v, x, &proof);
 	check (gcry_mpi_ec_curve_point (v, ec_ctx), "not on curve");